2021.12.9 使用go语言免杀360、微软、腾讯、火绒

This program remaps its image to prevent the page protection of pages contained in the image from being modified via NtProtectVirtualMemory.

🔑 Stealer written on C#, logs will be sent to Telegram bot.

How to spoof the command line when spawning a new process from C#.

A collection of source code for various botnets.

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

venom - C2 shellcode generator/compiler/handler

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

A collection of various awesome lists for hackers, pentesters and security researchers

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

This repository aims to hold suggestions (and hopefully/eventually code) for CTF challenges. The "project" is nicknamed Katana.

Weaponized web shell

Automated All-in-One OS Command Injection Exploitation Tool

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

CTF竞赛权威指南

The all-in-one browser extension for offensive security professionals 🛠

溯光 (TrackRay) 3 beta⚡渗透测试框架（资产扫描|指纹识别|暴力破解|网页爬虫|端口扫描|漏洞扫描|代码审计|AWVS|NMAP|Metasploit|SQLMap）

VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…

Project for identifying executables that have command-line options that can be obfuscated, possibly bypassing detection rules.

The ultimate phishing tool with 38 websites available!

Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.

Using Socks4/5 or http proxies to make a multithreading Http-flood/Https-flood (cc) attack.

🔨 A modern multiple reverse shell sessions manager written in go

Process Ghosting in C#

🔧 tool for embedding various type of resources in go Windows executable

Log4Shell RCE Exploit - fully independent exploit does not require any 3rd party binaries.

Another Go Shellcode Loader using Windows APIs

Bypass WinAPI Hook Using copy function

Scan for misconfigured S3 buckets across S3-compatible APIs!